Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Phishing and Ransomware: How Threat Actors Attack the Financial Services Sector

Trustwave SpiderLabs is prepped to launch its newest threat intelligence research, the 2024 Trustwave Risk Radar Report: Financial Services Sector. The upcoming report, which is set to be released on September 10, promises to be an indispensable resource for cybersecurity professionals. 

This comprehensive report not only sheds light on the modus operandi of a dominant ransomware gang but also delves into the persistent use of phishing and brute-force attacks to compromise credentials. With its in-depth analysis, real-world case studies, and strategic mitigation recommendations, the 2024 Trustwave Risk Radar Report is a comprehensive toolkit designed to empower the financial services sector in the ongoing war against cybercrime.

The report is meticulously crafted to address the unique challenges faced by the financial sector, highlighting significant industry trends, and providing a detailed analysis of the techniques employed by cybercriminals at various stages of their attacks. Trustwave SpiderLabs has consistently been at the vanguard of threat intelligence, and its 2023 report delivered crucial, actionable insights that fortified the financial services sector against cyber threats.

The latest analysis continues our expansive coverage of the threats facing the financial services sector and will be fortified with two companion reports that focus on phishing-as-a-service and insider threats. These threat vectors are particularly vexing to financial services organizations, and so receive some well-deserved attention.

For each topic, the team explains the threat, what Trustwave SpiderLabs is seeing in the wild, and mitigations organizations can take to minimize the problem.

The information included in the report was developed at the source using threat hunts and investigations on the Dark Web to discover how cyber groups develop tactics, techniques, and procedures to strike at financial services organizations.

 

How Threat Actors Withdraw Information

The number of organizations in this sector that have suffered some type of cyberattack is unfortunately long and continuously growing, with some of the more well-known names being struck in the last 12 months, including Bank of America and Prudential Financial.

It should not be a surprise that ransomware continues to be a significant issue for this sector as these organizations handle vast amounts of sensitive data and financial transactions, making each a prime target for cybercriminals seeking to disrupt operations to extract large ransoms. The impact of a ransomware attack on a financial institution can be catastrophic, leading to operational paralysis, substantial financial losses, and severe reputational damage.

However, adversaries are also always looking to expand their target list. While well-established players in the financial sector remain primary targets, the report notes how threat groups have surged into cryptocurrency operations. These present entirely new avenues to exploit that are generally not found in traditional banking circles, including cryptocurrency wallets, exchanges, and cryptojacking.

Additionally, the report finds threat groups are looking to add to their armory and implement new weapons, such as the emerging threat of deepfakes. Deepfakes are relatively easy to generate and give threat actors the ability to create highly convincing, but fake content to deceive individuals and organizations, undermining trust and facilitating fraud.

 

The Trustwave SpiderLabs Industry Report Series

The 2024 Trustwave Risk Radar Report: Financial Services Sector is the latest in a series researched and published by Trustwave SpiderLabs starting last year. Please visit these for an in-depth analysis of the security issues facing each industrial sector:

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo